PT-2021-24114 · Nxp · Nxp Kinetis K82

Published

2021-12-01

Updated

2021-12-16

CVE-2021-44479

CVSS v3.1

6.1

Medium

Vector

AC:L/AV:L/A:L/C:H/I:N/PR:L/S:U/UI:N

Name of the Vulnerable Software and Affected Versions: NXP Kinetis K82 devices (affected versions not specified)

Description: The issue is related to a buffer over-read that occurs when a crafted wlength value is used in a GET Status-Other request during USB In-System Programming (ISP) mode. This results in the disclosure of protected flash memory.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2021-44479

Affected Products

Nxp Kinetis K82

PT-2021-24114 · Nxp · Nxp Kinetis K82

CVE-2021-44479

Weakness Enumeration

Related Identifiers

Affected Products

References · 5